Privacy and Security

This page is designed to provide you with information about how we use the personal data and information that you provide to us during your use of the ao.com website or mobile app and any communication (for example telephone) made between us relating to such use.

AO Retail Limited is the data controller of the information you provide. AO Retail Limited (t/a ao.com) is a company registered in England and Wales with registered number 03914998. We are part of the AO World PLC group of companies and our registered office address is 5A Parklands, Lostock, Bolton, BL6 4SD.

We may change our privacy policy from time to time. This policy was last updated on 05/09/2018 and is version 2.2.

Your Information and Why We Process It

The information we collect when you place an order with us includes: name, address, telephone numbers. Through your product reviews or surveys you may provide us further personal data including family size, affluence, gender or we may collect such data from third party data aggregators. Further we may have images of you if you use Olapic, profiling data technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the advertisements you clicked to, IP addresses and cookies.

We only collect, keep, use or share your information for genuine business purposes, when you’ve approved us to do so, or when we’re obliged to legally. There are a few reasons why we use your personal details:

if you contact us with an enquiry either by telephone, email or live chat;

to process any order that you place on our website and arrange for its delivery and installation;

to maintain any registered accounts you have with us;

to make our website and our app accessible to you with informative content tailored to your needs including serving you with any pop-up messages and voucher codes;

if you have purchased a product from us we may contact you from time to time, by SMS, email or telephone regarding our latest promotional offers, products and services that we think you may be interested in;

if you use our app we store your data locally on your device in various file formats including cookies

promoting and advertising (including personalisation) of our products and services both on our website and elsewhere on the internet

promoting and advertising our products and services to you via email, SMS and post;

to train our employees to ensure that we are providing the best possible service;

we record telephone calls for compliance and legal reasons;

to get in touch regarding customer satisfaction surveys and market research;

when you provide a review on our website;

when you enter any of our competitions;

matching and aggregating your personal data for analysis and to provide you with a more personalised experience;

to analyse any problems with our website and improve its performance;

to ensure that you receive any cashback offered (either directly or via an affiliate website such as TopCashback);

when you engage with us on any social media platform

we also use personal details to contact you regarding our services and products and if we need to verify your identity;

Basis For Processing

For ao.com to be allowed to process your personal data, we must have a legal basis for the processing. The data protection legislation sets out what these bases are. We have described below the different bases that we rely on and provided examples of the processing.

Contractual

There are some contractual reasons why we have to process your personal data. When you buy a product on our website, it creates a contract between us. We need to process the personal data that you provide in order to fulfil our part of the contract. If you do not provide your details we won’t be able to complete your order.

Legal

Sometimes we are required to process the personal data that we hold about you for legal reasons - for example, if there is a product recall.

Legitimate Interests

We also rely on being able to process your personal data on the basis that it is in our legitimate interests. When we do this we will always consider your interests and balance any positive or negative impact relating to such processing and your legal rights relating to data protection. The legitimate interests of ao.com do not automatically override your interests.

If you do not want us to process any of the personal data we have listed as being processed for legitimate purposes, you have the right to object. For more information see the section below relating to your rights. Please note that if you object we may still continue to process your personal data in certain circumstances. Please also remember that if we can’t process your personal data for these purposes your customer experience may not be as enjoyable.

Our legitimate interests include:

analysing and understanding your customer journey and behaviour to improve efficiencies and interaction

sending you email or SMS marketing messages, if you have previously bought something from us

calling you to discuss your delivery and any other services that we would like to offer you

promoting and advertising our products and services both on our website and elsewhere on the internet

analysing our website’s performance and solving any problems

staff training

personalisation of your shopping experience

Consent

In some cases, we will ask whether you would like us to process your personal data. For example, if you would like us to notify you when an out of stock item becomes available or if you enter into a competition. If you provide us with consent, you may withdraw it at any time by contacting us.

When We'll Contact You

We may contact you by telephone shortly after your purchase to discuss your delivery and make sure that it all goes smoothly for you. We may also offer you other services which relate to the products that you have purchased. If you decide not to purchase a product protection plan on such call we may contact you around the expiry of the manufacturer’s guarantee to see whether this would then be of interest to you. If you do not wish to receive these calls, please contact us by phone, email or post.

We like to be able to keep you up to date with news, offers and promotions, but you can opt out of receiving email and text messages from us at any time. To do this, you can click the unsubscribe box that appears on the order confirmation page when you place an order, click on the “unsubscribe” link on the bottom of any of our unsolicited marketing emails, or contact our contact centre. It may take a couple of days for all of our systems to update, so bear with us whilst we process your request. Please note, if you submit information but there is an error or delay in processing, we may use the details you've submitted to contact you to complete your order.

If you have asked us to notify you when an out of stock item becomes available, the email will not have an unsubscribe link in it as it is a single email notification. Unsubscribing from marketing will not affect your ability to receive an out of stock notification.

Email and SMS Unsubscribe

email or phone:

Please enter a valid email address or phone number

Unsubscribe request for email address has been submitted.Please allow up to 48 hours for any changes to come into effect.

Unsubscribe request for mobile number has been submitted.Please allow up to 48 hours for any changes to come into effect.

We can’t unsubscribe you at this time, please try again later.

When You Contact Us

If you get in touch by email or live chat to ask a question about your order or our services, we’ll keep a record of your emails and our responses. This helps us to resolve any problems, and to answer your query quickly and easily if you need to get in touch again. It also helps us to check our advisors have all the training they need to give you the best possible help. Your telephone calls to AO may also be recorded for training and regulatory purposes.

Information We'll Share

We share your information in very limited circumstances set out below:

where we’re obliged to do so (for example a legal request),

when we need to work with a third party or core service provider, for example a delivery service, insight companies, marketing communications providers or IT service providers. Each provider is carefully selected, and we’d only pass on the information required for them to perform that service on our behalf; they cannot use your data for any other purpose e.g. their own marketing purposes;

We sometimes share anonymised information and analytics with third parties but not in a way that they could identify you as an individual.

We use third party payment service providers which are integrated into our website. When you pay using one of these methods e.g. PayPal, you are redirected to the provider’s portal. Your use of these services are subject to the terms and conditions (and privacy policies) of the payment providers.

Transfers To Third Countries

ao.com may transfer your personal data outside of the European Economic Area. This will only be as a result of our service providers being based outside of this area e.g. cloud hosting service providers such as Amazon Web Services or Microsoft Azure. We will always ensure that such providers are in a country that has been assessed to provide adequate protection to personal data by the European Commission, or if the service provider signs a contract with us which contains the relevant protections for you; for example, if a company is based in the United States of America and has signed up to the Privacy Shield we may also send personal data to them for the limited purposes referred to above.

How Long Do We Keep Your Information?

We will only keep your personal data for as long as it remains necessary in line with the reason that we collected it from you and to meet any legal requirements (such as resolving a dispute). The time that the personal data is kept for is called the retention period. We retain your personal data relating to the purchase of your products for a period of 10 years after your purchase. This is in line with certain product liability provisions under the Consumer Protection Act 1987.

If you call or message our contact centre with an enquiry (but do not place an order) we will keep your personal data for one month.

If you ask us to notify you about an out of stock item, we will do so if it becomes available within one month of your request.

If you receive marketing emails and SMS from us and have not unsubscribed from these messages we will continue to process your personal data for this purpose for a maximum period of four years. You may ask us to stop processing for this purpose at any time.

Your Rights

You have a set of legal rights in relation to your personal data. These rights are to ensure that you are in control of how your personal data is used by organisations. We have provided a summary of your rights below:

You have the right to know what personal data we store that relates to you (also known as a subject access request);

If any personal data is not correct (for example it is old information), you have the right for it to be corrected;

You have the right to tell us to stop using your personal data for the purpose of sending you direct marketing;

You have the right to tell us you no longer consent to any processing, which was based on you giving consent;

You have the right to ask us to no longer process your information on the basis of our legitimate interests. We will stop processing your personal data unless there is a legitimate reason that does not prejudice you.

You have the right to ask us to erase your personal data where the personal data is no longer necessary for the purpose for which it is collected. The right to erasure is not an absolute right.

You have the right to ask for an individual to review any decision made using an automated process.

If you would like to exercise any of your rights, please contact us at[email protected]

If you ask us to no longer send you any marketing (by email or SMS) please allow 48 hours for your request to be processed in our system. You can unsubscribe from email and SMS by clicking on the buttons in the When we’ll contact you section above. If you do not wish to receive calls relating to product protection plans, please contact us by phone, email or post.If you ask for us not to call you for marketing purposes, please allow 48 hours for us to action this request.

Creating An Account With AO

Creating an account with AO gives you the ability to check out more quickly by allowing us to remember your delivery address and payment information, so you don’t have to re-enter those details every time. You can save a number of addresses and payment options, along with your contact telephone numbers.

We do our part in protecting your account by strongly hashing your password using modern ciphers and cryptographic patterns. Our staff have no way of accessing your password.

In addition, your card details will never be sent, or stored on our platforms. Instead, your details are managed and protected by a dedicated E-commerce credit card payment management company.

It’s important that you also take responsibility for protecting your account information. Make sure your password is suitably complex, don’t share it with others, and try not to use the same one for lots of online accounts. Never send your password by email – we’ll never ask you to do so. We won’t ask you for your password information over the ‘phone; but we can advise you on how to reset it.

It’s a good idea to reset online passwords occasionally, and you can do so through the My Account area. If you think anyone has accessed your account information without your approval, contact us to let us know.

Refer A Friend Scheme

We operate a Refer a Friend scheme using a platform powered by MentionMe. The full terms and conditions relating to the scheme can be found on the referrer and referee pages on the MentionMe site. By signing up to the scheme you are also subject to MentionMe’s terms and conditions and privacy policy which can be found here. The emails that you receive are generated by the MentionMe platform and only relate to the referral scheme, but MentionMe will never use your details for any other purpose.

Our Finance Provider, V12 Retail Finance

If you spend £199 or more on the ao.com site, you can choose to spread the cost of your purchase by using finance. This payment option is provided by our chosen partner, V12 Retail Finance.

We've teamed up with V12 Retail Finance to offer you a flexible and affordable option to pay on finance. Both V12 Retail Finance provides Retail Point of Sale Credit through an online paperless application and processing system. As part of the process a credit check will be obtained from a credit reference agency. A record of this search is held by the credit reference agency and can been seen when future searches about you are made. If your application is successful, you will enter into a Credit Agreement with either Secure Trust Bank PLC trading as V12 Retail Finance. When you select the Pay on Finance option, you’ll progress to V12’s secure online form to complete your application, and then be passed back to our checkout to complete your order. Once you have entered your details on the portal an automated credit check will be undertaken to see if you are eligible for the finance options. If your application is unsuccessful as a result of the automated decision you can request that it is reviewed by an individual at V12 and that your application is reconsidered. If your application is successful, you’ll enter in a Credit Agreement with Secure Trust Bank Plc (V12’s parent company) which will be administered by the lender

The entry on your bank statements will show as a payment to Secure Trust Bank Plc.

The credit provider will let us know whether or not your application was successful when they pass you back to our checkout, but they won’t share any other information regarding your application or credit report. If you enter into a Credit Agreement with them, you’ll need to contact them directly with any queries or requests.

V12 is authorised and regulated by the Financial Conduct Authority. Secure Trust Bank Plc is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority under registration number 204550.

Contacting The Information Commissioner's Office

If you are not happy with the way in which we have dealt with your personal data or your enquiries relating to that personal data, it is your right to make a complaint to the data protection regulator. The regulator is the Information Commissioner’s Office. You can find more detail at www.ico.org.uk.

Contacting Us

We’re always looking for new ways to improve your shopping experience with us, that’s why we love hearing from you. If you have any questions about how we use your personal data or if you’d like to amend or stop us from processing your data (for marketing purposes), please contact us. You can get in touch by giving our friendly contact centre a call on 0344 324 9222 or you can write to us at our registered office address - 5A Parklands, Lostock, Bolton, BL6 4SD.

We have appointed a Data Protection Officer (DPO). You may contact the DPO by writing to us at the registered office address set out above or by emailing [email protected].

Security

Your privacy is important to us which is why we’ve ensured every part of our site uses secure connections. Look for the green padlock in the address bar and the letters ‘https’, as these should always be present when browsing our site.

We only take orders through web browsers that allow communication through Secure Socket Layer (SSL) technology. There’s no way you can order through an unsecured connection.

To keep you safe, we gain accreditation from the Payment Card Industry (PCI) every year. This third-party certification certifies that we take appropriate precautions to make sure your details are kept safe. This covers everything from ensuring our teams are well trained in the security risks and vulnerabilities today, to implementing security compliant IT solutions. More information regarding this security standard can be found here: https://www.pcisecuritystandards.org/pci_security/

For extra security, you’ll see our checkout uses Verified by Visa, Mastercard SecureCard and American Express Safekey, which safeguards you from unauthorised use of your cards. Once you've registered and created a password with your card issuer, you'll be prompted to provide this each time you check out.

We’re constantly monitoring and testing our IT systems and using the latest technology to identify potential vulnerabilities and attacks to provide a safe and secure shopping environment.

Cookies

Cookies are small file containing letters and numbers that is stored in your browser or the hard drive of your device and it is used to transfer information.